Описание
ELSA-2007-0940: Important:kernel security update (NA)
[2.6.18-8.1.15.0.1.el5]
- Fix bonding primary=ethX (Bert Barbe) [IT 101532] [ORA 5136660]
- Add entropy module option to e1000/bnx2 (John Sobecki) [ORA 6045759]
[2.6.18-8.1.15.el5]
- [dlm] A TCP connection to DLM port blocks DLM operations (Patrick Caulfield ) [245922] {CVE-2007-3380}
- [ppc] 4k page mapping support for userspace in 64k kernels (Scott Moser ) [275841] {CVE-2007-3850}
- [ptrace] NULL pointer dereference triggered by ptrace (Anton Arapov ) [275981] {CVE-2007-3731}
- [fs] hugetlb: fix prio_tree unit (Konrad Rzeszutek ) [253929] {CVE-2007-4133}
- [x86_64] Don't leak NT bit into next task (Dave Anderson ) [298151] {CVE-2007-4574}
- [fs] Reset current->pdeath_signal on SUID binary execution (Peter Zijlstra ) [252307] {CVE-2007-3848}
- [misc] Bounds check ordering issue in random driver (Anton Arapov ) [275961] {CVE-2007-3105}
- [usb] usblcd: Locally triggerable memory consumption (Anton Arapov ) [276001] {CVE-2007-3513}
- [net] igmp: check for NULL when allocating GFP_ATOMIC skbs (Neil Horman ) [303281]
- [scsi] aacraid: Missing ioctl() permission checks (Vitaly Mayatskikh ) [298371] {CVE-2007-4308}
- [xen] Guest access to MSR may cause system crash/data corruption (Bhavana Nagendra ) [253312] {CVE-2007-3733}
Обновленные пакеты
Oracle Linux 5
Oracle Linux x86_64
kernel
2.6.18-8.1.15.0.1.el5
kernel-devel
2.6.18-8.1.15.0.1.el5
kernel-doc
2.6.18-8.1.15.0.1.el5
kernel-headers
2.6.18-8.1.15.0.1.el5
kernel-xen
2.6.18-8.1.15.0.1.el5
kernel-xen-devel
2.6.18-8.1.15.0.1.el5
ocfs2-2.6.18-8.1.15.0.1.el5
1.2.6-6.el5
ocfs2-2.6.18-8.1.15.0.1.el5xen
1.2.6-6.el5
oracleasm-2.6.18-8.1.15.0.1.el5
2.0.4-1.el5
oracleasm-2.6.18-8.1.15.0.1.el5xen
2.0.4-1.el5
Oracle Linux i386
kernel
2.6.18-8.1.15.0.1.el5
kernel-PAE
2.6.18-8.1.15.0.1.el5
kernel-PAE-devel
2.6.18-8.1.15.0.1.el5
kernel-devel
2.6.18-8.1.15.0.1.el5
kernel-doc
2.6.18-8.1.15.0.1.el5
kernel-headers
2.6.18-8.1.15.0.1.el5
kernel-xen
2.6.18-8.1.15.0.1.el5
kernel-xen-devel
2.6.18-8.1.15.0.1.el5
ocfs2-2.6.18-8.1.15.0.1.el5
1.2.6-6.el5
ocfs2-2.6.18-8.1.15.0.1.el5PAE
1.2.6-6.el5
ocfs2-2.6.18-8.1.15.0.1.el5xen
1.2.6-6.el5
oracleasm-2.6.18-8.1.15.0.1.el5
2.0.4-1.el5
oracleasm-2.6.18-8.1.15.0.1.el5PAE
2.0.4-1.el5
oracleasm-2.6.18-8.1.15.0.1.el5xen
2.0.4-1.el5
Ссылки на источники
Связанные уязвимости
The Linux kernel 2.6.20 and 2.6.21 does not properly handle an invalid LDT segment selector in %cs (the xcs field) during ptrace single-step operations, which allows local users to cause a denial of service (NULL dereference and OOPS) via certain code that makes ptrace PTRACE_SETREGS and PTRACE_SINGLESTEP requests, related to the TRACE_IRQS_ON function, and possibly related to the arch_ptrace function.
The Linux kernel 2.6.20 and 2.6.21 does not properly handle an invalid LDT segment selector in %cs (the xcs field) during ptrace single-step operations, which allows local users to cause a denial of service (NULL dereference and OOPS) via certain code that makes ptrace PTRACE_SETREGS and PTRACE_SINGLESTEP requests, related to the TRACE_IRQS_ON function, and possibly related to the arch_ptrace function.
The Linux kernel 2.6.20 and 2.6.21 does not properly handle an invalid LDT segment selector in %cs (the xcs field) during ptrace single-step operations, which allows local users to cause a denial of service (NULL dereference and OOPS) via certain code that makes ptrace PTRACE_SETREGS and PTRACE_SINGLESTEP requests, related to the TRACE_IRQS_ON function, and possibly related to the arch_ptrace function.
The Linux kernel 2.6.20 and 2.6.21 does not properly handle an invalid ...
The eHCA driver in Linux kernel 2.6 before 2.6.22, when running on PowerPC, does not properly map userspace resources, which allows local users to read portions of physical address space.